[webkit-changes] [WebKit/WebKit] ae6900: Verify user gesture for popups originated from UI ...

J Pascoe noreply at github.com
Fri Mar 3 17:13:33 PST 2023 

  Branch: refs/heads/main
  Home:   https://github.com/WebKit/WebKit
  Commit: ae690092de533ece84f31ade478c148b82d8496c
      https://github.com/WebKit/WebKit/commit/ae690092de533ece84f31ade478c148b82d8496c
  Author: J Pascoe <j_pascoe at apple.com>
  Date:   2023-03-03 (Fri, 03 Mar 2023)

  Changed paths:
    M Source/WTF/Scripts/Preferences/UnifiedWebPreferences.yaml
    M Source/WebCore/dom/UserGestureIndicator.cpp
    M Source/WebCore/dom/UserGestureIndicator.h
    M Source/WebCore/page/EventHandler.cpp
    M Source/WebCore/platform/PlatformEvent.h
    M Source/WebCore/platform/PlatformMouseEvent.h
    M Source/WebKit/Shared/NavigationActionData.h
    M Source/WebKit/Shared/NavigationActionData.serialization.in
    M Source/WebKit/Shared/WebEvent.cpp
    M Source/WebKit/Shared/WebEvent.h
    M Source/WebKit/Shared/WebEvent.serialization.in
    M Source/WebKit/Shared/WebEventConversion.cpp
    M Source/WebKit/Shared/mac/WebEventFactory.mm
    M Source/WebKit/UIProcess/API/APIUserInitiatedAction.h
    M Source/WebKit/UIProcess/API/Cocoa/WKPreferences.mm
    M Source/WebKit/UIProcess/API/Cocoa/WKPreferencesPrivate.h
    M Source/WebKit/UIProcess/WebPageProxy.cpp
    M Source/WebKit/UIProcess/WebProcessProxy.cpp
    M Source/WebKit/UIProcess/WebProcessProxy.h
    M Source/WebKit/WebProcess/WebCoreSupport/WebChromeClient.cpp
    M Source/WebKit/WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp

  Log Message:
  -----------
  Verify user gesture for popups originated from UI process
https://bugs.webkit.org/show_bug.cgi?id=253338
rdar://problem/106207015

Reviewed by Chris Dumez

For certain actions like opening a new window, we don't want the web process to be
able to fake a user gesture to the client. This patch accomplishes that by creating
an identifier whenever we parse the input event, storing it, and then invalidating it
whenever we get it back from a WebProcess wanting to perform an action where we don't
want to trust simulated gestures.

* Source/WTF/Scripts/Preferences/UnifiedWebPreferences.yaml:
* Source/WebCore/dom/UserGestureIndicator.cpp:
(WebCore::UserGestureToken::UserGestureToken):
(WebCore::UserGestureIndicator::UserGestureIndicator):
(WebCore::UserGestureIndicator::authorizationToken):
* Source/WebCore/dom/UserGestureIndicator.h:
(WebCore::UserGestureToken::create):
(WebCore::UserGestureToken::authorizationToken):
* Source/WebCore/page/EventHandler.cpp:
(WebCore::EventHandler::handleMouseReleaseEvent):
* Source/WebCore/platform/PlatformEvent.h:
(WebCore::PlatformEvent::authorizationToken const):
* Source/WebCore/platform/PlatformMouseEvent.h:
* Source/WebKit/Shared/NavigationActionData.h:
* Source/WebKit/Shared/NavigationActionData.serialization.in:
* Source/WebKit/Shared/WebEvent.cpp:
(WebKit::WebEvent::WebEvent):
* Source/WebKit/Shared/WebEvent.h:
(WebKit::WebEvent::authorizationToken const):
* Source/WebKit/Shared/WebEvent.serialization.in:
* Source/WebKit/Shared/WebEventConversion.cpp:
(WebKit::WebKit2PlatformMouseEvent::WebKit2PlatformMouseEvent):
* Source/WebKit/Shared/mac/WebEventFactory.mm:
(WebKit::WebEventFactory::createWebMouseEvent):
(WebKit::WebEventFactory::createWebWheelEvent):
(WebKit::WebEventFactory::createWebKeyboardEvent):
* Source/WebKit/UIProcess/API/APIUserInitiatedAction.h:
* Source/WebKit/UIProcess/API/Cocoa/WKPreferences.mm:
(-[WKPreferences _setVerifyWindowOpenUserGestureFromUIProcess:]):
(-[WKPreferences _verifyWindowOpenUserGestureFromUIProcess]):
* Source/WebKit/UIProcess/API/Cocoa/WKPreferencesPrivate.h:
* Source/WebKit/UIProcess/WebPageProxy.cpp:
(WebKit::WebPageProxy::processNextQueuedMouseEvent):
(WebKit::WebPageProxy::handleKeyboardEvent):
(WebKit::WebPageProxy::createNewPage):
(WebKit::WebPageProxy::didReceiveEvent):
* Source/WebKit/UIProcess/WebProcessProxy.cpp:
(WebKit::WebProcessProxy::userInitiatedActivity):
(WebKit::WebProcessProxy::consumeIfNotVerifiablyFromUIProcess):
(WebKit::WebProcessProxy::didDestroyUserGestureToken):
* Source/WebKit/UIProcess/WebProcessProxy.h:
* Source/WebKit/WebProcess/WebCoreSupport/WebChromeClient.cpp:
(WebKit::WebChromeClient::createWindow):
* Source/WebKit/WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp:
(WebKit::WebFrameLoaderClient::didSameDocumentNavigationForFrameViaJSHistoryAPI):
(WebKit::WebFrameLoaderClient::dispatchDecidePolicyForNewWindowAction):
(WebKit::WebFrameLoaderClient::dispatchDecidePolicyForNavigationAction):

Canonical link: https://commits.webkit.org/261190@main

More information about the webkit-changes mailing list